Overview

overview

10

Static

static

d58894ff74...3c.exe

windows7-x64

10

d58894ff74...3c.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    154s
  • max time network
    190s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    14-10-2022 04:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d58894ff749e4383c76143b13a4003a9a7837043b334c87d19ee977550f1863c.exe

  • Size

    1.2MB

  • MD5

    40f6f83961632bc63dffda1fd8628070

  • SHA1

    c3e287f06a62460adc2489bd5b6ad977f51fe881

  • SHA256

    d58894ff749e4383c76143b13a4003a9a7837043b334c87d19ee977550f1863c

  • SHA512

    c99a43ce572fd22b329692b11bdd47e32d4c2b5c86cd173df8b7f0d83c2d58af9276d241bf6ab2037fc609b362a0047e9b32a137e464ce473a282df1444c8c19

  • SSDEEP

    24576:O84Fb6PHUotlxRz0rs2v62W5su0S7sBpbu3DX:O/6PHpMA2v6L0S7sBpKT

Score
10/10
jokerinfostealertrojan

Malware Config

Signatures

  • joker

    Joker is an Android malware that targets billing and SMS fraud.

    infostealertrojanjoker
  • Drops file in System32 directory 1 IoCs
  • Drops file in Program Files directory 14 IoCs
  • Drops file in Windows directory 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SetWindowsHookEx 20 IoCs
  • Suspicious use of WriteProcessMemory 43 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d58894ff749e4383c76143b13a4003a9a7837043b334c87d19ee977550f1863c.exe
    "C:\Users\Admin\AppData\Local\Temp\d58894ff749e4383c76143b13a4003a9a7837043b334c87d19ee977550f1863c.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1172
    • C:\Windows\SysWOW64\cmd.exe
      cmd /c C:\Users\Admin\AppData\Local\Temp\a9RiS.bat
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:560
      • C:\Windows\SysWOW64\expand.exe
        expand.exe "C:\Users\Admin\AppData\Local\Temp\ico.cab" -F:*.* "C:\progra~1\ico"
        3⤵
        • Drops file in Program Files directory
        • Drops file in Windows directory
        PID:1308
    • C:\Windows\SysWOW64\explorer.exe
      explorer.exe http://www.v258.net/list/list16.html?mmm
      2⤵
        PID:2024
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.q22.cc/?ukt
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1560
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1560 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:848
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.v921.com/?uk
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1272
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1272 CREDAT:275457 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:1140
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.779dh.com/?kj
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:1652
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1652 CREDAT:275458 /prefetch:2
          3⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:388
    • C:\Windows\explorer.exe
      C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:1512
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" http://www.v258.net/list/list16.html?mmm
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:752
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:752 CREDAT:275457 /prefetch:2
          3⤵
          • Suspicious use of SetWindowsHookEx
          PID:1764

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D
      Filesize

      2KB

      MD5

      b90f7774c9a454dcb4e765a13fd24eb0

      SHA1

      f08a1453647c33dfd7d5757619f8b786106c1810

      SHA256

      cef9e0d09bcefec36de16ecca1a53665018bae69aac8c5350e5e74594574b877

      SHA512

      648f95283286096734187c0c130db8ee294046fde96bcaf7409761bc5b4207073b2006f4dddd8c8e3f44423934ce92ac112bd18fafc329e0b839404552b54249

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
      Filesize

      1KB

      MD5

      be9d844ee366a93894115b42bfdb9e5f

      SHA1

      72502c6dc0cf0096085e58347022d318e7cac171

      SHA256

      ea7d6276f53a1683acdd10a5d591483e43318e4a1623291cfebc4b984d4c5090

      SHA512

      495e1f2e07785ca66b0ab30c432de1a0e067c11d3cc05e214f5dc5a579e9f6908d5801a3122cc29653d7d8357c7a352c4c79cf7ccc873f6e94fdf849f1e9072b

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\349D186F1CB5682FA0194D4F3754EF36_97A2CB43E01F27293633B7B57353C80B
      Filesize

      1KB

      MD5

      49a565ce9c559b8cfb68930a5d435560

      SHA1

      3987277fb4cb5a92f53d8826f90a738c8903f762

      SHA256

      d6ea4b02c1707bade7c03b23da51d8809247b1766964a32d4583ac5702d859e6

      SHA512

      72a84784b796d4d645f30697f4ea2834751d5146813bd3a2042400e9745faae9303118cd46aedbb3727613281c2f9d91de48eaed1b9addccef49026f68d271ee

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
      Filesize

      60KB

      MD5

      d15aaa7c9be910a9898260767e2490e1

      SHA1

      2090c53f8d9fc3fbdbafd3a1e4dc25520eb74388

      SHA256

      f8ebaaf487cba0c81a17c8cd680bdd2dd8e90d2114ecc54844cffc0cc647848e

      SHA512

      7e1c1a683914b961b5cc2fe5e4ae288b60bab43bfaa21ce4972772aa0589615c19f57e672e1d93e50a7ed7b76fbd2f1b421089dcaed277120b93f8e91b18af94

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
      Filesize

      1KB

      MD5

      00227a1997000059db17c4973b72409d

      SHA1

      f583a8cf20fafabdc46595d85f32ed3f51f140a9

      SHA256

      37f5fa67232195384dfb20b9437c251697dfb2c9a377b1da726176757b31c917

      SHA512

      bcb08425bf0998004ab5331c5d0b3989b1ac6ee9616da1e1e3cfd02ee288c267fa3b8b1ef1d3bd9dcce707c0a3288ef0904fc5851513641a05f4718fc3e711ea

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
      Filesize

      1KB

      MD5

      2faa5fa6cf8cbd0a994e883351f7e8e3

      SHA1

      b8c3a1bb394c13f0d7ca8fbe3b867fed2b21dc98

      SHA256

      8488e0208fddfe15b79514e70777c0ec7bff1e680f704c04eac1580fad4d421e

      SHA512

      d90b96f1d81ea32a19681e27949c10dc434f07c5270c6cc454428b36f52a62a751b152299fcc1202973b32947353e23fe2a93516bf64bea6634ea134d4f9ad67

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
      Filesize

      1KB

      MD5

      6ad22bb37c06a8542959021fc49948fa

      SHA1

      753e47099793b24efedc8208611e9fabb74990b2

      SHA256

      e88f513b287a2aaa2118d51d71a20ff6cd04dacb2bbafba25676fc0ade7874b7

      SHA512

      838d033789ae6028b8fac4c5a6f7415d1515a2ea3a4a022c890e0879abddcf05794165799ae890ae3c54601fed034efb3f2fed35d3fa980c13941799d87dd440

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      1KB

      MD5

      a266bb7dcc38a562631361bbf61dd11b

      SHA1

      3b1efd3a66ea28b16697394703a72ca340a05bd5

      SHA256

      df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

      SHA512

      0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_3431D4C539FB2CFCB781821E9902850D
      Filesize

      488B

      MD5

      f056f8d72e23166e9d648dc1acb0674c

      SHA1

      08c8fe097dc7b0b5129b71af5735d3f1afd7548e

      SHA256

      24fd5eeed001972d038da957f3f454699ea501bca1fcfb3c4575a4459379920c

      SHA512

      318221f62523986e781993bac72778c4966bc969a2a6eadb091974aa34a94510b562e6c21f3ed86f78f19ed97273479cc9936dd2e37563214d96b045b46290e3

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\0DA515F703BB9B49479E8697ADB0B955_4136D3715888E22D65EBE484B233D81B
      Filesize

      508B

      MD5

      a27bc89eaef2c48df62a882496c1893f

      SHA1

      b6401e7dee84b4a8e1f3e900fe93ef288ed4b109

      SHA256

      329caf30952642ce25362b83ff440cd0d8d8531c0d7167533fd96e8207778ef8

      SHA512

      4b487eea61ed8e3a1993634ceda591617517d2b3c4d837a77da2a111aa0c661090a15878ff4229d97556c4b4fe41a43906037e25e65a46cbb03590ae168e5588

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\349D186F1CB5682FA0194D4F3754EF36_97A2CB43E01F27293633B7B57353C80B
      Filesize

      532B

      MD5

      e5af5bf90e7e40bd11b720a3cd46ebf4

      SHA1

      4acbec92cd5d3af2f169e4665d7f8b920bed7ec7

      SHA256

      6ffc2b8b0dacbcef2c298dd841d2d1fcc9713df89c8359c09ff971c6cab94386

      SHA512

      c79644394d3422d2549e86d453d105aee9247a66e5cc6d2041a85c3da9f7d185115e454973869db154fa0188dcf85f0104beb45477b629e8c587ce759d4277d7

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      340B

      MD5

      5ed854d1a71b0b2c4551cea91b0c879a

      SHA1

      132d5e5afa457ce50eb62d444b03ba7d72196699

      SHA256

      609e70c568cd6382d50c8b5d30f5916cb80bcc981758332cf3777a3db9432ac2

      SHA512

      5f210d8852daabc7fa35bc896d351955f0b31360a1c1664bdba7dc50c01134ff0016090e3ca9966d66b32dc3878c20968506bab51c6add6c783e00c408d5710f

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      bed3a23f725e7283bc682dd54ee0f09f

      SHA1

      6686452927c1ee2f6e86e60f273b805d08e826fa

      SHA256

      8db4f742f90aa806d2198185500640ecded35f820c10536cad495a93dbe637a4

      SHA512

      d032c3f51ca3e47c3c5fe1b03264f7b854cecb05644307e1190db94b492deaa2404bf77f243fc891961589fb83c88550dc04a731abddea595697e80726e895d6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
      Filesize

      342B

      MD5

      86d8172bfdf37d361deb6f74a687e4ee

      SHA1

      e030032f23720ec81d6a573fca36cb24335d4267

      SHA256

      447d0d29532f81efb322c757e64e6dc9a9bbe576c8331bb58d1cf48cee121911

      SHA512

      512b6fc308b0ccdea82d2d4e9c50249aeedc0e568a0f8e3dccfa7916afc143afad9798a3d56f7afc962512853da0bf9555f4fa0a313c8e56a7a2c528ac78c8a6

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\ACF244F1A10D4DBED0D88EBA0C43A9B5_16756CC7371BB76A269719AA1471E96C
      Filesize

      492B

      MD5

      26eb64a08cf62c5622adb9f265c8d6e3

      SHA1

      f8417d3b199839c89bb7d74524fc8cae4fb3abde

      SHA256

      867c9b55046c56a5b5c468a2847a486b2d54bb2cd014335f5ef9c40d73510eba

      SHA512

      638197ef84a07a50feb66013bb9187d1be1b0a5b0ecfaa39f86978822656bcf8016cf075c6bffb00d5b27b185233d817598756a5f8c06da706a4a2cfc8e425d8

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B039FEA45CB4CC4BBACFC013C7C55604_50D7940D5D3FEDD8634D83074C7A46A3
      Filesize

      506B

      MD5

      aa0c875e09408c44d47fd2e43af1a10a

      SHA1

      3f38425f4e181c2acce36572219d548b59486c5a

      SHA256

      0258f5215c557dafcf82630eb30fe1cb862a01e4fe291022e78e987308350dca

      SHA512

      959b3f06dd54eeb9af962c2c0d732c0333c4b9ad5650451093d4558f3f5d778ad558cf449f9e8431839bdf515d511a14700d1081d399d3212250d346886be80c

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_D7393C8F62BDE4D4CB606228BC7A711E
      Filesize

      482B

      MD5

      52f82513617b9afe457652b8305930a9

      SHA1

      dd1023961e7b953467a05e6662f6f9c06733c1cc

      SHA256

      f1dd1b2a0a04e5065fcac1c556774178523d052c5c60532c18b64d6462d25c7a

      SHA512

      f642b88430059cc27f6efd2f97c7a4a69d6cd2d3cfc3251e54e2dfb9babdc5d9eb36f9c40c16c80d8cd20e9b3a37231e1f4add2f74ab46c85739474d6a240f6e

      Download Submit

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
      Filesize

      242B

      MD5

      72533b1304d6775576c3b0f8469b67e9

      SHA1

      347e443a4febefa1c4a0fae83c03617a9a5b7e0c

      SHA256

      fbe027dfa5adc6f012cef8d1ca1f1ab79cbb43f56d42793b5d538e9289ac0c55

      SHA512

      c795325e19ddc0f76e759672b8b2ad00ab6ae23a5b6ecd3785b4b82a9f7fd2409b099e98f920a224b9de028adfa43e65fe67c84a54f71eb854a42db800353ec4

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C85B22D1-4BAE-11ED-BDAB-FE41811C61F5}.dat
      Filesize

      3KB

      MD5

      374b063bd39126d45be934fdd9babf53

      SHA1

      6890ff85900ed5a6a8a9d8de39f3386ac64523eb

      SHA256

      b42e0532cb1d28171b1a311e51ceaf281cab5283c9b0c0743fe7ddb8a15a9356

      SHA512

      bb47a694946abd9376586f25d5ddbec27dbf6090befbb9df5a53da17b7c27a7eb3eeb96756847c0ea7863ff4a34adf16cd4c1aa8db5e70dcf67dce5bc04eae51

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C85B49E1-4BAE-11ED-BDAB-FE41811C61F5}.dat
      Filesize

      5KB

      MD5

      434a4a73cd6cee13c53d6fe850cdccdb

      SHA1

      413b8ea50c6bc61c5e584966da4e35d33658f235

      SHA256

      2bde235e68543151df55201a538ceccf52bc4a10b506894da51019dec150d287

      SHA512

      aa9bd1fdb30cbbc006b69a416493773aa3efe1f63ec98aa1da1a08a60edca29174ea44eab09edac15ca079a4cb69bc295ac5396246bc556d0f4b4312e95d08fc

      Download Submit

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C85B70F1-4BAE-11ED-BDAB-FE41811C61F5}.dat
      Filesize

      3KB

      MD5

      2e3f9f3392de6592af8b3b726ec436eb

      SHA1

      3ed42a16f6b20d6579750473b0c0596d8adede41

      SHA256

      620af63174a723ee9c5ba4133be292c8305a339d642a612e2a0b378c13dabc35

      SHA512

      af6551c8a5f8c7d6512add2ba00e403d74538a0b3b29f940f25171f21144813939d46a8df9abbc377e43a3574bac3abae09b768bb513b094cf58ddc788c5f40a

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\a9RiS.bat
      Filesize

      98B

      MD5

      ada787702460241a372c495dc53dbdcf

      SHA1

      da7d65ec9541fe9ed13b3531f38202f83b0ac96d

      SHA256

      0d0f600f95192d2d602dbda346c4e08745295f331f5a0349deae21705367b850

      SHA512

      c86091735b855691c89c7946145591dec6a6a6a36a2438d392587a9cc1f2d85c1ebe44fcff1cc9d94271a24ebbc2ca38639577a6f5c592e9e10517da26572708

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\08QQNLSX.txt
      Filesize

      94B

      MD5

      2ddd5411f2c017f1a0d2202534d80639

      SHA1

      3c9bea3abf17348f493f932aa741e0a84df1552e

      SHA256

      786f7ee786fdf13ebc563aa9dc15324bf0e13957141296754a06c13816f67f11

      SHA512

      2b2ac98b8ffa4bcbfaf5de054adccc20f721ccf8df66730bd97923152813aae274ac56631180d0eaceb82787de1fc126b5b621fda7909d59314ff0abd1bdbe0d

      Download Submit

    • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\8EW7ULTJ.txt
      Filesize

      608B

      MD5

      2e97bc4636767c2fba5f4e394936aa1c

      SHA1

      66d06b5ee4d9a1a0a63b09ded96966c572a7cc6a

      SHA256

      4a65e4290e4a7c5aab864e4b21a473a2d48fcc09edfee9f772615a641debbca0

      SHA512

      2cd44813296079f4113d92bdc395a6bb903b310f9bd7863724e795a4803ee433eaea26b1dee15a47addb7f0e0d0f854d1c58da45fc80c735d8ccff53c7e71ad3

      Download Submit

    • \??\c:\users\admin\appdata\local\temp\ico.cab
      Filesize

      20KB

      MD5

      1319e9998cedc513c68fa6d590b6ad63

      SHA1

      ae95b333e88a13886994f320f5dfb4856168a710

      SHA256

      9a5b18efe243fbe9b9b0be3674a24080e9210436986988f3f85a4007905083bb

      SHA512

      d4052a899c6c310296e2f5fdf6c2031c22d2644be620cb34ddcc6b59789d82a6462daaeb34466c568be48ee975c4a5ab43143eab0792312a6cd0d49f9fbd8d3f

      Download Submit

    • memory/1172-62-0x0000000000400000-0x0000000000536000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/1172-54-0x0000000075A81000-0x0000000075A83000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1512-63-0x000007FEFB9B1000-0x000007FEFB9B3000-memory.dmp

      Filesize

      8KB

      Download

    • memory/2024-61-0x0000000074671000-0x0000000074673000-memory.dmp

      Filesize

      8KB

      Download